How DNS Cache Works

What are DNS and DNS Cache?

The Domain Name Service (DNS) is an Internet service that is responsible for translating Fully Qualified Domain Names (FQDN), like website addresses, into IP addresses. Without a working DNS configuration, computers wouldn’t be able to communicate with each other, let alone allow their users to connect to the Internet, browse websites, and access cloud applications.

A DNS Cache works by temporarily storing the results of DNS queries for recently browsed websites, or other FQDNs, in a local file for faster retrieval.

I have configured some DNS performance monitoring tests on our NetBeez demo dashboard, as shown below. Upon generating this historical report, I found that a baseline for DNS lookup is around 50 milliseconds, with peaks between 150 and 200 milliseconds. Below you can see the performance timeline for one day.

That may not sound like a lot of time, but if you consider that the median number of resources per web page is 85, then you can see how DNS requests add up and impact the page loading time and, consequently, end-user experience.

DNS Cache and end-user experience

Does enabling the DNS Cache really reduce page loading time? I enabled DNS caching on a Linux-based NetBeez virtual agent that is monitoring some websites, such as YouTube, Google, and Salesforce. As you can see from the below historical plot of an HTTP test to YouTube, the actual HTTP GET time decreased as soon as I enabled DNS caching (around 14:00).

In the following real-time graph you can see that the one-day average, represented in this chart by the horizontal blue line, has a reported value of 0.086 seconds. This average is way higher than 0.05 seconds, which is the value of most of the HTTP test results with DNS caching enabled.

Clearly, DNS caching is something that network engineers and administrators have to keep in mind when troubleshooting network and application problems. In the next sections of this article, we’ll see how to inspect and clear the DNS cache on three of the most popular operating systems.

How to inspect the DNS cache on Windows, Mac OS X, and Linux

In Windows, you can inspect the contents of the DNS cache by typing ipconfig /displaydns at a command prompt.

In Mac OS X, inspecting the DNS cache is a little more tricky than in Windows. If you have a Mac OS X system with Sierra (10.12), you’ll have to open the Console application (just search with Spotlight) and type ‘mdnsresponder’ in the top right filter bar of the Console window. After that, open a new Terminal window (search again with Spotlight) and type in the command prompt “sudo killall -INFO mDNSResponder”.

Not all Linux distributions have DNS caching installed or enabled by default. If you want to install a DNS caching application on your host, just search for and install the nscd package. In Linux, the process is a little more tricky because the DNS cache content is stored in binary format. If you want to inspect high-level statistics about the cache, just type the following command at a command prompt:

sudo nscd -g

The truncated output below shows the information provided by the command:

hosts cache:

            yes  cache is enabled
            yes  cache is persistent
            yes  cache is shared
            211  suggested size
         216064  total data pool size
          18616  used data pool size
           3600  seconds time to live for positive entries
             20  seconds time to live for negative entries
            322  cache hits on positive entries
              0  cache hits on negative entries
            849  cache misses on positive entries
           1806  cache misses on negative entries
            10%  cache hit rate
            144  current number of cached values
            150  maximum number of cached values
              5  maximum chain length searched
              0  number of delays on rdlock
              0  number of delays on wrlock
              0  memory allocations failed
            yes  check /etc/hosts for changes

If you have a Debian or Ubuntu system, the DNS cache file is stored in the directory /var/cache/nscd. The DNS records are stored in the /var/cache/nscd/hosts file. If you want to get a sense of the DNS entries cached, just type:

sudo strings /var/cache/nscd/hosts

As you’ll see in the next section, in some situations it may be necessary to clear the DNS cache. This may be due to an updated DNS entry, or to troubleshoot a network connectivity problem happening on a user PC.

How to clear the DNS cache

When troubleshooting network problems, or dealing with suspected DNS poisoning, it may be necessary to flush the DNS cache. This is the case when a DNS entry was changed but the computer’s DNS cache is still using stale information. In Windows, for example, successful DNS entries are cached for one day, while failed ones are cached for only five minutes. Sometimes this can be a problem.

To clear the cache on Windows, open a command prompt and type the following command:

ipconfig /flushdns

To clear the cache on Mac OS X with Sierra (10.12), open a terminal and type the following command:

To clear the cache on Linux, open a terminal and restart the nscd process with the following commands:

/etc/init.d/nscd stop

/etc/init.d/nscd start

I hope this article was helpful to learn more about DNS caching and how to deal with it when troubleshooting network problems. If you have any feedback or a contribution to make to the discussion, please use the comments section.